Comment Re:J2EE security? should be just Java 2 security (Score 1) 66
I am the author of this book.
JAAS is indeed a great feature of Java/J2EE systems and no good book would be complete without a good discussion on this topic. This book is no different. It include a complete chapter devoted to it -- the chapter titled "Access Control". This chapter includes description of policy files to control access using codebase (from where the class files are loaded), signer, logged-in user or any combination of these. The cahpter also has details on using LoginModules, how to write JAAS LoginModules and how to use them from within a program. Please refer to the example sources at the book's website.
JAAS is indeed a great feature of Java/J2EE systems and no good book would be complete without a good discussion on this topic. This book is no different. It include a complete chapter devoted to it -- the chapter titled "Access Control". This chapter includes description of policy files to control access using codebase (from where the class files are loaded), signer, logged-in user or any combination of these. The cahpter also has details on using LoginModules, how to write JAAS LoginModules and how to use them from within a program. Please refer to the example sources at the book's website.
